S3 Bucket Policy to make a specific sub folder public and everything else private?

realdannys · Feb 20, 2014 · Viewed 16.7k times

We currently have an S3 bucket policy which makes everything public.

At the moment we have a bucket "bucket1" and inside there are numbered sub folders for each entry, numbered 01 upwards (e.g. 01, 02, 03), and inside each of those there is always a folder called "128".

What we want to do is make the files in the 128 folders always public.

So we'd need something to allow "bucket1/*/128" and everything else to only be accessible with a time stamped signature.

Presuming this is possible but wouldn't know how to create the statement.

Answer

realdannys · Feb 21, 2014

I've done it!

I was trying all kinds of long-winded over-thought methods to try and accomplish this including the little known "not resource" when all I needed to do was take the default "allow all" policy and apply it to my specified sub-folders!

{
    "Version": "2008-10-17",
    "Statement": [
        {
            "Sid": "AllowPublicRead",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::BUCKETNAME/*/128/*"
        }
    ]
}

Note: Edited the resource name.
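
An added example, not part of the original answer: in IAM resource patterns "*" matches any run of characters, including "/", so the Resource above also covers keys where "128" sits deeper than one level. The script below checks a list of object keys against that pattern; the bucket name "bucket1", the sample keys and the "intended layout" regex are constructed assumptions.

```python
import re

# Resource pattern from the policy above, with a constructed bucket name
# substituted for the BUCKETNAME placeholder.
RESOURCE = "arn:aws:s3:::bucket1/*/128/*"

def iam_pattern_to_regex(pattern):
    """Translate an IAM resource pattern to a regex.

    In IAM policies '*' matches any run of characters, including '/',
    and '?' matches exactly one character. Everything else is literal.
    """
    parts = []
    for ch in pattern:
        if ch == "*":
            parts.append(".*")
        elif ch == "?":
            parts.append(".")
        else:
            parts.append(re.escape(ch))
    return re.compile("".join(parts), re.DOTALL)

def public_keys(resource, bucket, keys):
    """Return the keys whose object ARN matches the public-read resource."""
    rx = iam_pattern_to_regex(resource)
    return [k for k in keys if rx.fullmatch(f"arn:aws:s3:::{bucket}/{k}")]

def unintended(resource, bucket, keys, intended=r"\d+/128/.+"):
    """Keys the policy exposes that fall outside the intended layout
    (<entry number>/128/<anything>); the 'intended' regex is an assumption."""
    ok = re.compile(intended)
    return [k for k in public_keys(resource, bucket, keys) if not ok.fullmatch(k)]

# Constructed sample keys, not taken from a real bucket.
SAMPLE_KEYS = [
    "01/128/thumb.jpg",
    "02/128/thumb.jpg",
    "01/original.jpg",
    "01/512/large.jpg",
    "03/private/128/invoice.pdf",
    "backups/2014/128/db.sql",
    "128/top-level.jpg",
]

if __name__ == "__main__":
    print("public:", public_keys(RESOURCE, "bucket1", SAMPLE_KEYS))
    print("outside intended layout:", unintended(RESOURCE, "bucket1", SAMPLE_KEYS))
```

Running it against a real key listing shows whether any object outside the numbered entry folders would become publicly readable before the policy is applied.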